From 6ba229202938b65de8e1da05485e62e4bf7d57be Mon Sep 17 00:00:00 2001
From: instantraaamen <masa.shiramizu@gmail.com>
Date: Mon, 20 Apr 2026 05:25:08 +0900
Subject: [PATCH] fix: Escape HTML in display_explanations to prevent XSS

Column names and cell values from evaluation DataFrames are rendered
via IPython.display.HTML without sanitization. A crafted DataFrame
(e.g. from a shared dataset or model output) can inject arbitrary
HTML/JS that executes in the Colab/Jupyter session.

Apply html.escape() to both column headers and cell values before
interpolation, consistent with the escaping already used elsewhere
in the codebase.

Fixes both vertexai/evaluation and vertexai/preview/evaluation paths.
---
 vertexai/evaluation/notebook_utils.py         | 5 ++++-
 vertexai/preview/evaluation/notebook_utils.py | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/vertexai/evaluation/notebook_utils.py b/vertexai/evaluation/notebook_utils.py
index 0d29e5efcb..f6b8cc7a64 100644
--- a/vertexai/evaluation/notebook_utils.py
+++ b/vertexai/evaluation/notebook_utils.py
@@ -16,6 +16,7 @@
 #
 """Python functions which run only within a Jupyter or Colab notebook."""
 
+import html as html_lib
 import random
 import string
 import sys
@@ -153,7 +154,9 @@ def display_explanations(
 
     for _, row in df.iterrows():
         for col in df.columns:
-            display(HTML(f"<div style='{style}'><h4>{col}:</h4>{row[col]}</div>"))
+            safe_col = html_lib.escape(str(col))
+            safe_val = html_lib.escape(str(row[col]))
+            display(HTML(f"<div style='{style}'><h4>{safe_col}:</h4>{safe_val}</div>"))
         display(HTML("<hr>"))
 
 
diff --git a/vertexai/preview/evaluation/notebook_utils.py b/vertexai/preview/evaluation/notebook_utils.py
index 942945ca13..175771f8c7 100644
--- a/vertexai/preview/evaluation/notebook_utils.py
+++ b/vertexai/preview/evaluation/notebook_utils.py
@@ -16,6 +16,7 @@
 #
 """Python functions which run only within a Jupyter or Colab notebook."""
 
+import html as html_lib
 import random
 import string
 import sys
@@ -153,7 +154,9 @@ def display_explanations(
 
     for _, row in df.iterrows():
         for col in df.columns:
-            display(HTML(f"<div style='{style}'><h4>{col}:</h4>{row[col]}</div>"))
+            safe_col = html_lib.escape(str(col))
+            safe_val = html_lib.escape(str(row[col]))
+            display(HTML(f"<div style='{style}'><h4>{safe_col}:</h4>{safe_val}</div>"))
         display(HTML("<hr>"))